Need to Node - Volume 2

Quite a bit has happened across the Node.js project over the past week, including some interesting discussions, renewed efforts, and unexpected announcements.

The project is pushing several new efforts with Node.js v10 on the horizon, in addition to the sunsetting of Node.js v4 only two months away. We’re going to be entering a small period of evolution that several new, breaking features will surface in - exciting!

What’s New in the Node.js Project

The Node.js Security WG has been participating in an ongoing discussion around an official, machine-readable security vulnerability database for modules in the ecosystem. Such a database would be beneficial to both the community, security researchers, and businesses who rely on Node.js for their applications - and could be easily integrated into both community and commercial projects.

Rachel White, Co-Chair of the Community Committee, has decided she needs to step down as Co-Chair due to personal time constraints. I’d personally like to thank her for everything she’s done to help prop up and grow the Community Committee to the success it’s turned into. Thank you, Rachel.

A PR was created to codify how we move projects into the Node.js Foundation GitHub Organization. In the past year, we’ve begun moving several tools and repos that contributors to the project have maintained personally into the GitHub Organization, without an officially documented process - and there’s been a flurry of confusion from multiple parties each time. Hopefully, this document will help us smooth out that process and have something to directly refer to.

An issue was created in the Website Redesign Initiative repository, sharing a wireframe implementation of the information architecture the Initiative agreed upon in its last meeting. This wireframe went above and beyond, implementing quite a few top-level IA decisions in addition to a suite of the smaller nice-to-haves that have been discussed.

A PR proposing an official strategy for OpenSSL versioning was submitted, working around an interesting and difficult situation the Node.js project is in with OpenSSL and their LTS versions and timing. Specifically, Node.js v10 will be landing in a weird space where the current OpenSSL LTS will go EOL, and the OpenSSL team hasn’t (yet) announced which version of OpenSSL will be the next LTS.

Awesome Articles and Resources

Michael Dawson, IBMer and Chairperson of the TSC, published his slides from this Node.js What’s Next panel/discussion at Index 2018

One Last Thing…

I got some great feedback on Need To Node - Volume 1 last week, and am excited to continue the series on a weekly basis!

If you’ve got anything you’d be interested in seeing or have any awesome articles, modules, or other resources in the Node.js community, feel free to reach out to us on Twitter at @NodeSource to share - our DMs are open if you don’t want to share publicly!